{
  "threat_severity" : "Important",
  "public_date" : "2026-01-27T21:13:46Z",
  "bugzilla" : {
    "description" : "pytorch: PyTorch: Arbitrary code execution via malicious checkpoint file loading",
    "id" : "2433612",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2433612"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-502",
  "details" : [ "PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue.", "A flaw was found in PyTorch, a Python package for tensor computation. A remote attacker could craft a malicious checkpoint file, which, when loaded using the `weights_only` unpickler, could lead to memory corruption. This vulnerability may enable an attacker to achieve arbitrary code execution on the affected system." ],
  "affected_release" : [ {
    "product_name" : "Red Hat OpenShift AI 2.25",
    "release_date" : "2026-06-10T00:00:00Z",
    "advisory" : "RHSA-2026:24977",
    "cpe" : "cpe:/a:redhat:openshift_ai:2.25::el9",
    "package" : "rhoai/odh-vllm-gaudi-rhel9:1780069069"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Not affected",
    "package_name" : "rhoai/odh-codeflare-operator-rhel8",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Not affected",
    "package_name" : "rhoai/odh-codeflare-operator-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Not affected",
    "package_name" : "rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Not affected",
    "package_name" : "rhoai/odh-training-rocm62-torch24-py311-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Not affected",
    "package_name" : "rhoai/odh-training-rocm62-torch25-py311-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Not affected",
    "package_name" : "rhoai/odh-training-rocm64-torch28-py312-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Not affected",
    "package_name" : "rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-24747\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-24747\nhttps://github.com/pytorch/pytorch/163122/commit/954dc5183ee9205cbe79876ad05dd2d9ae752139\nhttps://github.com/pytorch/pytorch/issues/163105\nhttps://github.com/pytorch/pytorch/releases/tag/v2.10.0\nhttps://github.com/pytorch/pytorch/security/advisories/GHSA-63cw-57p8-fm3p" ],
  "name" : "CVE-2026-24747",
  "csaw" : false
}